diff options
| author | Tobias Stoeckmann <tobias@cvs.openbsd.org> | 2009-03-23 08:31:20 +0000 |
|---|---|---|
| committer | Tobias Stoeckmann <tobias@cvs.openbsd.org> | 2009-03-23 08:31:20 +0000 |
| commit | 9cea0b124e3ef374ce903c8485c5c1f2451c4b53 (patch) | |
| tree | 97fa27956bae3c5696decc7e85deabc108e40ec9 | |
| parent | 340a02a4336a02115eb908a48618814bf35fd924 (diff) | |
Fixed a possible out-of-bounds memory access if the environment variable
SHELL is shorter than 3 characters.
with input by and ok dtucker
| -rw-r--r-- | usr.bin/ssh/ssh-agent.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c index 0d2abe222e7..36c475f79cf 100644 --- a/usr.bin/ssh/ssh-agent.c +++ b/usr.bin/ssh/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.159 2008/06/28 14:05:15 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.160 2009/03/23 08:31:19 tobias Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1094,7 +1094,7 @@ main(int ac, char **av) if (ac == 0 && !c_flag && !s_flag) { shell = getenv("SHELL"); if (shell != NULL && - strncmp(shell + strlen(shell) - 3, "csh", 3) == 0) + strncmp(shell + MAX(strlen(shell) - 3, 0), "csh", 3) == 0) c_flag = 1; } if (k_flag) { |